Information Security Specialist (OffSec, Red Teaming, PT)

Our world is transforming, and PTC is leading the way. Our software brings the physical and digital worlds together, enabling companies to improve operations, create better products, and empower people in all aspects of their business. 

Our people make all the difference in our success. Today, we are a global team of nearly 7,000 and our main objective is to create opportunities for our team members to explore, learn, and grow – all while seeing their ideas come to life and celebrating the differences that make us who we are and the work we do possible.  

• Execute long term offensive security engagements and identify security gaps within the infrastructure and services.
• Perform Recon, Weaponization, Payload Delivery and C&C techniques.
• Research the TTPs of various threat actors and create payloads that can emulate those threat actors.
• Utilizing Threat intelligence to aid red team campaigns.
• Execute Windows and Unix lateral movement and foothold techniques.
• Windows AD environment and exploitation techniques.
• Exploiting Web, Mobile and Desktop applications.
• Performing security code reviews.
• Performing software reverse engineering and malware analysis
• Remediate the identified security gaps by writing code, writing rules for IDS system, etc.
• Train employees on how to avoid falling prey to social engineering tactics and execute social engineering engagements
• Analyse digital forensics and be a part of incident response during a security incident
• Review security groups, VPC configurations, etc. to strengthen the cloud infrastructure setup
• Participate in tabletop exercises as a part of purple teaming initiative
• Presenting the findings to senior management and executives.

KEY COMPETENCIES:

• Offensive security technical skill
• Quick decision-making capabilities.
• Persistence and follow through on tasks.
• Demonstrates ability to follow through on multiple tasks or issues.
• Assumes responsibility and accountability for successfully completing assignments.
• Identify obstacles and overcome barriers under guidance.
• Flexible and adaptable to taking on new responsibilities and learning new technology.
• Team player who possesses excellent interpersonal skills and communication abilities, with a high degree of self-confidence.

REQUIRED EXPERIENCE:

• 3+ years’ experience in offensive security testing.
• Understanding of coding skills in .Net, C, C++, Java, Web technologies and UI scripts (JS, typescript, web assembly, etc.)
• 2+ years of scripting skills using Go, Python, Perl, etc.
• 1-2 years’ experience of writing / modifying exploit codes.
• 2-3 years’ experience with commercial and open-source network/web vulnerability scanners.
• Extensive experience on Red Team Campaigns and Red Team Tools.
• Extensive experience using tools such Metasploit, Cobalt Strike, DNSCAT2, Caldera, Clockify etc.
• Familiarity with various network architectures, network services, system types, network devices, development platforms, software suites & tools like Wireshark.
• Understanding of MITRE attack Frameworks and Cyber Kill Chain.
• Experience in Code review, Malware Analysis, Reverse Engineering.
• Fundamental understanding of computer networks and WiFi technology.
• Solid understanding of cloud computing.
• AV /EDR bypass is a desirable skill.

QUALIFICATIONS: -

• Master’s/Bachelor’s degree in Computer Science or years of related experience+.      
• OSCP, CRTO, CRTP, PenTest+, PNPT, Red Teams Ops, etc.

Life at PTC is about more than working with today’s most cutting-edge technologies to transform the physical world. It’s about showing up as you are and working alongside some of today’s most talented industry leaders to transform the world around you. 

If you share our passion for problem-solving through innovation, you’ll likely become just as passionate about the PTC experience as we are. Are you ready to explore your next career move with us?

We respect the privacy rights of individuals and are committed to handling Personal Information responsibly and in accordance with all applicable privacy and data protection laws. Review our Privacy Policy here."